Fodor-Berecz Anna E.V. (hereinafter referred to as: Service Provider) as the data controller acknowledges the content of this legal notice as binding. It undertakes to ensure that all data processing related to its activities complies with the expectations set out in this policy and the relevant legal regulations.
The purpose of this Policy is to ensure that in all areas of services provided by the Service Provider to every individual (hereinafter: User), regardless of nationality or place of residence, their rights and fundamental freedoms, especially the right to privacy, are respected during the automated processing of their personal data. The Service Provider respects the rights of Users of the website www.budapestexperiences.com (hereinafter: Website); the recorded personal data is handled confidentially in accordance with data protection laws and international recommendations, as specified in this data processing statement. By using the Website, the User accepts the following and consents to the data processing defined below.
Purpose of data processing: The Service Provider processes data provided by the User for specific purposes, exclusively for fulfilling contracts, delivering ordered products, sending newsletters, enabling invoicing, maintaining contact, and later proving the conditions of the contract.
Legal basis for data processing: Data processing by the Service Provider is based on the voluntary consent of Users according to Section 5 (1) (a) of Act CXII of 2011 on Informational Self-Determination and Freedom of Information (hereinafter: Infotv.), as well as Act CVIII of 2001 on certain issues of electronic commerce services and information society services. Users give their consent for each data processing by using the Website, registering, or voluntarily providing the relevant data.
Data controller’s identification:
Name: Fodor-Berecz Anna E.V.
Mailing address: 1158 Budapest, Ady Endre utca 7.
Registration number: 54996100
Tax number: 56360699-1-42
Email address: info@budapestexperiences.com
Phone number: +36 70 418 5411
Duration of data processing: The processing of personal data provided during the registration process starts with registration and continues until deletion. In the case of non-mandatory data, data processing lasts from the time of data submission until the deletion of that specific data. After deletion, user data will be promptly removed from the Service Provider’s system. Within 3 working days of receiving the request, the Service Provider will delete the User’s data from its system.
These provisions do not affect the fulfillment of retention obligations defined in legal regulations (e.g., accounting regulations) and the data processing based on additional consent given during registration on the Website or in any other way.
Scope of processed data: Technical data During the browsing of the Website, technical information is recorded (e.g., in the form of log files containing the user’s IP address, timestamp, URL of visited pages). The system continuously logs this data but does not link it with data provided during registration or usage. The obtained information is accessible only to the Service Provider, not to Users. The Service Provider uses this information solely for the technical operation of the Website and for statistical purposes.
Cookies The system identifies the visitor’s computer with a cookie. To ensure that all content on the Service Provider’s website can be viewed, Users need to enable cookies. Accordingly, when certain parts of the Website are accessed, cookies are placed on the User’s computer, which are necessary for the functioning of certain features of the Website.
Cookies are small text files that are stored on the computer and in the browser. Users will not receive further notifications from the Service Provider regarding this.
The cookies used on the website are listed in the Cookie Information. Cookie Information: https://budapestexperiences.com/cookie-tajekoztato/
Persons with access to the data Primarily, only the Service Provider and its internal staff have access to the data. The data will not be published, shared with third parties, except when the User has given explicit consent. They will be used only for the purposes defined in the Data Processing Statement.
Data processing For the fulfillment of orders, product delivery, and operation of the Website, the Service Provider engages processors. The operator of the Website performs central server operation, maintenance, and development, and personal data provided by the User is stored on the server under their control.
Company name Address Activity KBOSS.hu Kft (Számlázz.hu) 1031 Budapest, Záhony utca 7. Invoicing-related tasks JonhnnyVPS EU servers Europe, Germany, Lärchenstraße 110 Hosting service Foxpost Zrt. 3300 Eger, Maklári út 119. Logistics company and as a sub-processor in this context, The Rocket Sience Group, the operator of www.mailchimp.com.
The selection of partners by the Service Provider was preceded by careful preparation, and they are obliged to handle the confidential data that they become aware of in accordance with legal requirements and our data protection standards.
Data security The Service Provider takes all necessary steps to ensure the security of personal data provided by Users on the Website during network communication, storage, and preservation.
Access to personal data is strictly limited to prevent unauthorized access, unauthorized disclosure, unauthorized alteration, or unauthorized use of personal data.
User rights and enforcement options The right to information Users are entitled to request information about their personal data processed by the Service Provider, and apart from the email address provided during registration, they can modify them at any time as defined in the GTC.
Upon the User’s request, the Service Provider will provide information about the processed data, the purpose, legal basis, duration of data processing, and who and for what purpose have received or will receive the data. The Service Provider will provide the requested information in writing within 30 days from the submission of the request.
The User may address any questions or observations regarding data processing to the Service Provider’s representative through the contact details provided below.
Correction, storage, and blocking of data Users are entitled to request the correction of incorrectly recorded data or deletion of such data by contacting the contact details provided below. The Service Provider will delete the data within 3 working days from the receipt of the request; in this case, the data cannot be restored. Deletion does not apply to data processing required by law (e.g., accounting regulations), which will be retained by the Service Provider for the necessary period.
Users may also request the blocking of their data. The Service Provider will block the personal data if the User requests it, or if it can be assumed based on the available information that deletion would harm the legitimate interests of the User. The blocked personal data can only be processed as long as the purpose of data processing prevents their deletion.
Regarding correction, blocking, and deletion, the User and all those who have previously been given the data for the purpose of data processing must be notified. Notification can be omitted if it does not violate the legitimate interests of the User regarding the purpose of data processing.
If the data controller does not fulfill the request for correction, blocking, or deletion, within 30 days from the receipt of the request, they will provide written information about the factual and legal reasons for rejecting the request for correction, blocking, or deletion.
Objection to Data Processing The User can object to the processing of their personal data. The Service Provider shall examine the objection within the shortest possible time from the submission of the request, but no later than 15 days, decide on its validity, and inform the requester in writing of its decision.
The data subject can exercise their rights through the following contact details:
Name: Fodor-Berecz Anna E.V. Mailing Address: 1158 Budapest, Ady Endre utca 7. Email: info@budapestexperiences.com
The User may enforce their rights in court based on the Infotv. and the Civil Code (Act IV of 1959) They may also turn to the National Authority for Data Protection and Freedom of Information (1374 Budapest, Pf. 603; www.naih.hu).
Newsletter The Service Provider allows the User to subscribe to the newsletter on the Website independently of registration. The newsletter contains direct marketing elements and advertisements. During the use of the newsletter, the Service Provider processes the data provided by the User.
The User can unsubscribe from the newsletters at any time, without restrictions or justification, free of charge. This can be done by letter, email, or by clicking the “Unsubscribe” link at the bottom of the newsletters. In this case, the Service Provider will delete all personal data necessary for sending newsletters from its records and will not contact the User with further newsletters or offers. The Service Provider will send emails containing advertisements or advertisements (newsletter) to the electronic email addresses provided during registration only with the explicit consent of the User, in accordance with legal requirements and in the manner required.
Other Provisions The Service Provider reserves the right to unilaterally modify this Data Processing Policy with prior notification to Users. After the modification becomes effective, Users implicitly accept the provisions of the modified Data Processing Policy by using the service.
If the User provided the data of a third party during the use of the service, either during registration or when subscribing to the newsletter, or if they caused any harm in any way during the use of the Website, the Service Provider is entitled to seek compensation for damages from the User.
The Service Provider does not verify the personal data provided to it. The suitability of the provided data is the sole responsibility of the person providing it. When providing an email address, any User also takes responsibility for ensuring that the provided email address is used exclusively by them for the purpose of receiving the service. With regard to this assumption of responsibility, any and all liability related to logins made with a provided email address rests solely with the User who registered the email address.
By using the Website, the registered User also undertakes to ensure that the content, provided data, and information editable and displayed on the Website do not violate the rights and legitimate interests of third parties and the Service Provider.
In the aforementioned cases, the Service Provider will provide all possible assistance to the competent authorities for the purpose of determining the identity of the infringing person. In these cases, or in case of non-compliance with the GTC, the Service Provider is entitled to delete the User’s registration or unsubscribe from the newsletter; in this case, the Service Provider is not liable for damages arising from the deletion due to non-compliance.
Effective Date of this Data Processing Policy: Aug 1st, 2023.